SOC Malware Analysis & Reverse Engineering SME

Job Title: SOC Malware Analysis & Reverse Engineering SME

RESPONSIBILITIES

• The person in this role is expected to generate leads for the Incident Response team for timely threat assessment, containment and response actions. It is expected that the person leads malware analysis and reverse engineering function and coordinates with internal/external cyber investigation teams for enabling effective response.

• Dissects malware samples to reverse engineer and conduct static and dynamic/behavioral analysis to extract IoCs and determine TTPs to help assess the relevant threat better and potential impact.

• Utilizes latest and advanced knowledge of relevant malware analysis tools and technologies (such as debuggers, compilers and sandboxes) for analyzing the threats and for supporting investigations. It is expected that the person in this role can leverage specialized knowledge, skill and experience to de-obfuscate and reverse engineer heavily obfuscated and virtualization/sandbox aware samples.

• Leads malware analysis lab capability building and investigations. The person in this role is expected to effectively integrate and automate relevant capabilities (such as Threat Intel IoCs, EDR, NDR, SIEM, etc) for context enrichment and to enable effective threat assessment at scale and with speed.

• Ensures that all analysis and investigations are appropriately conducted and documented as per cardinal forensic and operational security principles and organisation’s SOPs.

KEY REQUIREMENTS

MANDATORY

• Strong ethics, communication and team skills

• Hands-on experience with Enterprise SIEM (like Splunk, QRadar, Sentinel, etc) and EDR tools (like Microsoft Defender, CrowdStrike Falcon, etc)

• Hands-on experience with relevant debuggers, compilers and malware analysis tools (like windbg / ollydbg, IDA Pro, ghidra, procmon, wireshark / tshark, fiddler, etc)

• Hands-on experience in working with yara and sigma rules for threat assessment at scale.

• Minimum 10 years of enterprise experience in global SOC (Security Operations Centre) operations and minimum 5 years of hands-on malware analysis experience.

• Working knowledge of at least one of the scripting tools: Python/ Perl/ PowerShell.

• GIAC Certification GCFA or GREM

At HUL, we believe that every individual irrespective of their race, colour, religion, gender, sexual orientation, gender identity or expression, age, nationality, caste, disability or marital status can bring their purpose to life. So apply to us, to unleash your curiosity, challenge ideas and disrupt processes; use your energy to make the world a better place. As you work to make a real impact on the business and the world, we’ll work to help you become a better you!